Agencja Unii Europejskiej ds. Cyberbezpieczeństwa, Krajobraz zagrożeń dla ataków na łańcuchach dostaw wg ENISA

ENISA THREAT LANDSCAPE FOR SUPPLY CHAIN ATTACKS

JULY 2021

EXECUTIVE SUMMARY

Supply chain attacks have been a security concern for many years, but the community seems to have been facing a greater number of more organized attacks since early 2020. It may be that, due to the more robust security protection that organizations have put in place, attackers successfully shifted towards suppliers. They managed to have significant impacts in terms of the downtime of systems, monetary losses and reputational damages, to name but a few. The importance of supply chains is attributed to the fact that successful attacks may impact a large amount number of customers who make use of the affected supplier. Therefore, the cascading effects from a single attack may have a widely propagated impact.

This report aims at mapping and studying the supply chain attacks that were discovered from January 2020 to early July 2021. Based on the trends and patterns observed, supply chain attacks increased in number and...